Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
File: fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa (raw, json)
Hash identifier: 7ojLT9uuwZxJHPRvNpxqncXGQpOmvvBUBjRXYSFTQpk=
Subject key identifier: CF:84:B0:E5:87:5E:D4:7A:5F:E5:C3:C3:20:01:63:5A:3F:30:BF:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15A17D0ABB194E8DDE54D23459F78E8BF082AB63
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
Signing time: Fri 06 Feb 2026 00:40:06 +0000
ROA not before: Fri 06 Feb 2026 00:40:06 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 51.85.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:a1:7d:0a:bb:19:4e:8d:de:54:d2:34:59:f7:8e:8b:f0:82:ab:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:06 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=cb5ce9a5167e79df2c144ce22d8a8f094e588c705cc1fea103e0d55d20a695f7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:f7:33:12:df:ca:9e:0b:10:a6:ed:59:40:
08:0b:d8:92:4b:31:3b:eb:10:fc:97:1a:15:2b:7d:
56:63:31:bf:81:3d:85:e8:3f:a4:d9:a4:a5:fc:71:
e3:e5:ca:f8:fa:6c:15:1a:84:48:10:cd:58:5f:fb:
dc:de:23:4f:80:f0:e6:84:f0:7d:ac:3f:4e:49:45:
42:4e:5c:50:75:4f:52:fc:d8:93:d9:88:68:df:ea:
15:be:82:a9:ac:db:89:0e:e4:87:8a:a8:96:85:72:
06:fd:33:28:16:bd:a0:90:c8:dd:b9:23:0f:ac:9c:
dd:b1:c6:37:06:83:49:66:dd:3c:a8:f9:98:e4:0d:
c9:9d:31:0a:72:c0:44:4d:8d:a9:03:34:31:54:19:
a0:0f:09:01:f5:95:4f:df:43:17:bd:99:0e:9c:87:
02:4e:ca:63:26:ed:9a:8e:8f:f3:1c:da:0b:81:5b:
0e:31:80:41:4d:52:8d:3e:45:d0:1e:c8:21:ed:8d:
37:8a:d1:e9:48:2b:1e:77:8d:3e:c2:ed:e1:9d:5f:
94:cd:95:11:aa:8a:7f:77:fc:6a:ac:70:45:4c:a7:
9d:38:8e:17:27:9b:57:9c:04:e5:36:d9:87:40:c3:
a8:51:2a:e1:34:87:0e:ad:0f:a9:75:e0:df:97:1e:
0e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:84:B0:E5:87:5E:D4:7A:5F:E5:C3:C3:20:01:63:5A:3F:30:BF:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fe4e6b1e-120a-454b-8ea2-2504e0f34b7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:42:da:7f:46:ef:15:bf:e6:8d:3e:34:22:8b:ad:77:fb:ed:
66:f9:82:5d:be:6c:7c:4d:1c:87:4b:f8:0a:b7:67:30:8a:65:
4b:9d:0a:f8:48:33:49:13:9a:22:f4:04:88:67:ee:ad:db:78:
c8:25:0a:a8:af:9e:bd:48:dd:44:eb:90:d2:25:14:fb:53:48:
26:34:8e:fc:fc:32:74:ff:f8:cb:7d:36:8a:44:a4:15:89:6e:
91:21:b9:c8:86:65:18:d1:c0:16:83:95:66:0a:d5:11:d0:89:
55:a6:a8:ae:44:f2:79:8f:03:6e:33:ea:f7:7f:37:67:8f:e0:
be:06:92:9f:e4:8a:93:c3:b2:16:c1:3a:70:8e:80:ff:cf:4f:
46:b2:0f:8f:1f:f1:18:6a:05:14:7d:16:64:cf:78:d3:93:78:
b2:cc:0d:e0:4c:33:43:5f:b7:5c:b9:12:3a:8d:66:b8:25:41:
7f:7b:94:10:4d:b3:1f:4a:0e:27:34:9a:22:2a:0c:6d:69:35:
d5:71:03:90:92:f2:95:4d:60:0d:f8:3f:ff:ad:62:f0:31:f3:
8c:24:46:f7:08:c6:85:9b:bf:47:56:5a:e8:ef:af:e4:ac:a7:
21:c3:d6:3d:38:30:b2:6b:75:e8:3e:f0:de:99:c7:0b:91:36:
35:6b:c0:b8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFaF9CrsZTo3eVNI0WfeOi/CCq2MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMDZaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiNWNlOWE1MTY3ZTc5ZGYyYzE0NGNlMjJkOGE4ZjA5NGU1ODhjNzA1Y2Mx
ZmVhMTAzZTBkNTVkMjBhNjk1ZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+x9zMS38qeCxCm7VlACAvYkksxO+sQ/JcaFSt9VmMxv4E9heg/pNmkpfxx
4+XK+PpsFRqESBDNWF/73N4jT4Dw5oTwfaw/TklFQk5cUHVPUvzYk9mIaN/qFb6C
qazbiQ7kh4qoloVyBv0zKBa9oJDI3bkjD6yc3bHGNwaDSWbdPKj5mOQNyZ0xCnLA
RE2NqQM0MVQZoA8JAfWVT99DF72ZDpyHAk7KYybtmo6P8xzaC4FbDjGAQU1SjT5F
0B7IIe2NN4rR6UgrHneNPsLt4Z1flM2VEaqKf3f8aqxwRUynnTiOFyebV5wE5TbZ
h0DDqFEq4TSHDq0PqXXg35ceDksCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTPhLDl
h17Uel/lw8MgAWNaPzC/vDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmU0ZTZiMWUtMTIwYS00NTRiLThlYTItMjUwNGUwZjM0YjdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNVMA0G
CSqGSIb3DQEBCwUAA4IBAQChQtp/Ru8Vv+aNPjQii613++1m+YJdvmx8TRyHS/gK
t2cwimVLnQr4SDNJE5oi9ASIZ+6t23jIJQqor569SN1E65DSJRT7U0gmNI78/DJ0
//jLfTaKRKQViW6RIbnIhmUY0cAWg5VmCtUR0IlVpqiuRPJ5jwNuM+r3fzdnj+C+
BpKf5IqTw7IWwTpwjoD/z09Gsg+PH/EYagUUfRZkz3jTk3iyzA3gTDNDX7dcuRI6
jWa4JUF/e5QQTbMfSg4nNJoiKgxtaTXVcQOQkvKVTWAN+D//rWLwMfOMJEb3CMaF
m79HVlro76/krKchw9Y9ODCya3XoPvDemccLkTY1a8C4
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:24 2026 by rpki-client